16 November 2017

Wifi: Channel

- wifi umpama hub. satu client hantar signal/gelombang, semua boleh nampak.
- 2 hantar serentak, akan ada gangguan/interference
- CCA(Clear Channel Assessment): semak dulu tiada client lain yg hantar signal, baru hantar. kalau ada, tunggu pada masa yg rawak, baru cuba hantar semula.
- receiver mesti ACK setiap terima signal.




ref:
1- https://commotionwireless.net/docs/cck/networking/learn-wireless-basics/ (good)
2- https://documentation.meraki.com/MR/WiFi_Basics_and_Best_Practices/Channel_Planning_Best_Practices
3- 

25 October 2017

windows reactivation slmgr

slmgr -rearm

HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/SoftwareProtectionPlatform
–>“SkipRearm”=dword:00000000
Just change 00000000 to 00000001. (After 3 Rearms Windows 7 Reaarm key would change to 00000000,So we have to change the value to enable Rearm once again).

11 October 2017

mata api

mandian: 46% incedent , tiada malware di install.

100% attack, curi credential


Attack lifecylce:
-Initial Recon
-Initial Compromise(laptop, end user device)
-Establish Foothold
-Escalate Privileges
-Internal Recon
-Complete Mission(data theft) (disini baru ada bussiness impact.)

Prevention:
-Malware problem
-Endpoint EPP
-Tactical Intellgigence
-MSSP

Detection Breach
-First Atack, usually malware, tapi lepas breach, human attacker.
- Endpont Detection and Response(EDR)
- Operational Threat Intellignence
-MDR, Manage Detection and REsponse




Fin7
mimikatz
gizmodo
doubleagent

14 September 2017

php://input

Actually php://input allows you to read raw POST data.

php://input is not available with enctype="multipart/form-data".





So, if you simply POST a good old HTML form, the request looks something like this:
POST /page.php HTTP/1.1

key1=value1&key2=value2&key3=value3



request with a JSON-payload would look something like this:
POST /page.php HTTP/1.1

{"key1":"value1","key2":"value2","key3":"value3"}
The content would now be application/json (or at least none of the above mentioned), so PHP's $_POST-wrapper doesn't know how to handle that (yet).
The data is still there, you just can't access it through the wrapper($_POST). So you need to fetch it yourself in raw format with file_get_contents('php://input') (as long as it's not multipart/form-data-encoded).




ref:  https://stackoverflow.com/questions/8893574/php-php-input-vs-post